The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC: Proposal for signed packages

To: Christian Leutloff <leutloff@sundancer.tng.oche.de>
Subject: Re: RFC: Proposal for signed packages
From: Nikhil Nair <nn201@cus.cam.ac.uk>
Date: Fri, 14 Feb 1997 22:03:51 +0000 (GMT)
Cc: debian-private@lists.debian.org
Importance: low
In-reply-to: <87u3ni2zp5.fsf@abraxas.burg.oche.de>
Priority: non-urgent
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"5eft9.0.EM7.UAE1p"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

[Apologies if anything I write here is out of touch with the current
Debian situation - I've been essentially away from the list for quite a
while ...]

On 12 Feb 1997, Christian Leutloff wrote:

> Enrique Zanardi <ezanardi@molec1.dfis.ull.es> writes:
> 
> > - One Debian developer should be choosen to sign with that key every
> > new release of a package. (Perhaps Guy Maor, via his dinstall script?).
> 
> this requires an automated procedure. Guy can't check all packages
> manually. So it's possible to get a trojan signed by Guy oder the
> Debian project. It's really bad for debian to officially sign a
> trojan!! So it's better to get all packages signed by persons
> individuelly. In the cases where it isn't possible there can be
> someone signing for another developer.
> 
> Please, don't do (mostly) automated signing!!

I have to second this.  I've never claimed to be an expert on security,
but even I can see a few potentially serious pitfalls here.  For one
thing, if there's to be an official Debian secret key, it *must* be kept
securely - which probably means it can't be on Master or any other
multi-user system.

There was a detailed discussion on this list several months ago (maybe
nearer a year).  There was talk of having a single user system dedicated
to signing packages etc., with an individual (I think it was Bruce ...)
having personal control over it, and with several special security
precautions.  If we're to go down this road, it's *essential* that that
discussion be reconsidered in detail.

I'd particularly appreciate input from someone who's well up on security
(Ian Jackson, if you've got time?).

Cheers,

Nikhil.

--
Nikhil Nair
Trinity College, Cambridge, England
Tel.: +44 1223 368353
Email: nn201@cus.cam.ac.uk
       nnair@debian.org

--
This message was delayed because the list mail delivery agent was down.

References:
- Re: RFC: Proposal for signed packages
  - From: Christian Leutloff <leutloff@sundancer.tng.oche.de>

Prev by Date: Re: What you are doing _means_something_
Next by Date: /ac184/linux/distributions/debian/bo/Contents
Previous by thread: Re: RFC: Proposal for signed packages
Next by thread: Re: RFC: Proposal for signed packages
Index(es):
- Date
- Thread